cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15689 commits 4 branches 1 tag 499 MiB
Commit graph

36 commits

Author SHA1 Message Date
Nenad Vujicic
4133936c63 Updates notes filtering to search description too 
Updates notes filtering to search for query text in both note comments and note's description.
 2025-02-12 18:22:50 +01:00
Anton Khorev
47d55a2b0f Simplify write_notes scope check in api notes controller 2025-01-24 06:16:11 +03:00
Anton Khorev
2347906725 Send notifications to note subscribers instead of commenters 2024-11-08 11:40:55 +03:00
Anton Khorev
2d7e0a397a Subscribe users when they interact with notes 2024-10-28 02:35:25 +03:00
Andy Allan
83425edd8d Move api error handling and timeouts to parent class 
Fixes #4861

Since the around_action is defined before authorize_resource is called,
the handler needs to pass on the CanCan::AccessDenied exception.

I've added the timeouts where I think they were missing (e.g. UserPreferencesController)
but I've kept the exception for changeset#upload and traces#create
 2024-10-02 16:37:32 +01:00
Tom Hughes
17bc0853a0 Drop support for OAuth 1 2024-09-01 03:43:02 +03:00
mmd-osm
5b707ae5ea Lock note during status update to avoid race condition 2024-08-06 19:51:48 +02:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller 
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
 2024-05-29 14:54:16 +01:00
Tom Hughes
2153e00f9f Drop ACL check from notes#comment as we no longer allow anonymous comments 2023-11-23 16:56:07 +00:00
Tom Hughes
f08fb4f30f Prevent API tokens without write_notes creating attributed comments 
Fixes #4362
 2023-11-22 12:30:39 +00:00
Tom Hughes
be3baea4de Merge remote-tracking branch 'upstream/pull/4222' 2023-09-03 18:54:18 +01:00
Anton Khorev
11df872c3e Add bbox parameter to notes search api 2023-09-03 11:26:05 +03:00
Anton Khorev
0ef4a299bb Check required bbox parameter presence outside of BoundingBox class 2023-09-03 09:47:27 +03:00
Tom Hughes
704781ad0b Add some additional preloads to notes#feed 2023-09-02 11:44:59 +01:00
Andy Allan
f5db9cbb20 Avoid using _id in queries 
This makes the queries shorter and easier to read.
 2023-08-30 17:08:16 +01:00
Anton Khorev
bc9f081841 Move note query limit values to settings 2023-08-19 05:06:00 +03:00
Andy Allan
067b0de439
Merge pull request #3676 from harry-wood/notes-disappear-time 
Display how long until a note will disappear
 2022-11-23 15:44:26 +00:00
Andy Allan
22946d703a Enable the ActionOrder cop for remaining controllers 
Where actions were reordered, the rails standard actions were
also moved to the top of each controller.
 2022-11-02 11:06:00 +00:00
Anton Khorev
225b260640 Pass min/max lat/lon to notes index rss builder 2022-10-25 13:52:28 +03:00
Anton Khorev
0c8b9eabf3 Pass min/max lat/lon to notes rss feed builder 2022-10-25 13:35:18 +03:00
Robbendebiene
ed1112bcef Allow setting HTTP ACCEPT header for notes API 
Previously the notes API return type could only be specified by appending the file extension like .json or .rss
 2022-09-23 11:40:19 +02:00
Harry Wood
e057e1c479 Define a DEFAULT_FRESHLY_CLOSED_LIMIT constant 
Define DEFAULT_FRESHLY_CLOSED_LIMIT in the Note model to allow the 7 day limit to be referenced in the API controller and in the new `freshy_closed_until` logic. The default value is `7.days`. API users can still override this, but the website uses that default for the duration of the green "freshly closed" notes markers.
 2022-09-14 23:59:41 +01:00
Tom Hughes
1a4faa4507 There is no need to do setup_user_auth and authorize for the same action 2022-07-08 16:38:51 +01:00
Tom Hughes
7f619c6484 Check API status before authorizing access 
Fixes #3530
 2022-04-11 20:47:52 +01:00
Tom Hughes
b5f06e06c1 Fix rubocop Rails/TimeZone warnings 2022-03-01 22:55:10 +00:00
Andy Allan
78b9d92207 Prefer keyword arguments when method has optional boolean arguments 2020-11-12 11:24:44 +00:00
Andy Allan
2c1033f62d Rename Notifier to UserMailer 
It's a convention in rails to name your mailers with a Mailer suffix, and is also common to name the class after the recipient (e.g. User, Admin). So UserMailer seems a reasonable choice.
 2020-10-14 15:04:58 +02:00
Andy Allan
8c326a6c1f Remove unnecessary layout calls from api controllers 
These were left over from the refactoring of the controllers into api and non-api versions.
 2020-07-08 18:51:27 +02:00
ENT8R
b84799f481 Keep the behaviour backwards-compatible 2020-02-19 12:58:47 +01:00
ENT8R
b7bdc88008 Don't expose technical terms to the user 2019-10-03 17:17:59 +02:00
ENT8R
d6c01586fe Sort and order notes by different values and ascending or descending order 2019-10-03 14:12:27 +02:00
Tom Hughes
783b5e3729 Merge remote-tracking branch 'upstream/pull/1926' 2019-08-28 17:23:10 +01:00
Andy Allan
742291a840 Simplify deny_access handling 
Now that we have all api controllers inheriting from a common base,
it's easier to override the deny_access handler without having to
switch between both.

Fixes #2064
 2019-03-20 14:39:17 +01:00
Andy Allan
3bb07e29ec Refactor api controllers to inherit from a common ApiController 2019-03-20 14:16:15 +01:00
Andy Allan
d102c9aaf4 Move all settings to settings.yml 
We leave the STATUS setting alone, since it's required before rails
boots. The test-specific settings now live in config/settings/test.yml
 2019-03-13 18:06:23 +01:00
Andy Allan
b4dbf6233c Move the notes api methods into a controller in the api namespace 2019-02-28 17:12:28 +01:00